• You will partner with Product and Engineering at both the design and development stage to ensure that we implement new features securely, including (but not limited to): • Participating in the implementation efforts • Doing security reviews • Helping with product design decisions • Auditing and surfacing vulnerabilities in our current products • Conducting threat modeling and security assessments for new features and systems, identifying risks early and shaping secure architectural decisions. • Developing and improving our Automated Tooling: further enhancing our automated tooling to scale our product security capabilities and find potential code problems both before and after we deploy • Making the safe way, the easy way: work on defining and building application guardrails so that developers can build securely by default • Investigating and remediating security issues, including vulnerabilities and incidents, and drive long-term improvements to prevent recurrence • Embedding a culture of secure development across engineering, defining practices that influence how Turnkey builds, deploys, and maintains systems at scale.

• Build & Secure Corporate Infrastructure • Design, implement, and manage security for endpoints and distributed systems; deploy and operate our security stack (MDM, EDR/XDR, ZTNA, SSO); enforce zero-trust principles, least-privilege access, and hardening standards • Drive Security Initiatives & Risk Reduction • Lead initiatives around endpoint hardening, access controls, and vendor risk; conduct security design reviews, risk assessments, and vulnerability remediation; develop and enforce security policies and best practices. • Detection, Response & Automation • Respond to security incidents with urgency and technical depth; collaborate on detection rules, alerts, and monitoring; automate workflows and create runbooks and playbooks to scale security operations efficiently. • Foster Security Culture & Education • Evangelize security best practices, build awareness programs, and partner with teams to embed “secure by default” principles into workflows; serve as a trusted security advisor across the organization.

• Develop and test ROM, bootloader, and run-time firmware for enabling secure boot on security processors and Root-of-Trust devices • Design and implement code-signing, key management, and software release processes • Develop and integrate real-time operating systems like TockOS or Zephyr • Create and maintain security documentation • Design and develop on-device attestation mechanisms • Provide guidance on secure coding practices

• Oversee all aspects of the technology design process, ensuring alignment with project-specific scope, deliverables, schedules, and budgets • Manage and optimize the efficiency of team members assigned to your projects • Ensure quality control of design documents and project deliverables • Use Bluebeam to create and review markups; collect input from team members • Respond to RFIs and RFQs as needed • Schedule and attend project meetings, site walks, and BIM coordination sessions • Produce design documents and drawings using Revit